<?php

define("PKI_DIR", dirname(__FILE__) . DIRECTORY_SEPARATOR);
//Passphrase can be taken during registration
define("PKI_PASSPHRASE", "melodi79");

function RSA_IsCertificatExist($appid)
{
	return file_exists(PKI_DIR . "PKI/private/$appid.key");
}

function RSA_GenerateCertificat($appid, $numberofdays)
{
	# generate a 2048 bit rsa private key, ask for a passphrase to encrypt it and save to file 
	//openssl genrsa -des3 -out /path/to/privatekey 1024 

	# generate the public key for the private key and save to file 
	//openssl rsa -in /path/to/privatekey -pubout -out /path/to/publickey 
	//programatically using php-openssll 

	$dn = array(
		"countryName" => 'FR',
		"stateOrProvinceName" => 'Ile-de-France',
		"localityName" => 'Paris',
		"organizationName" =>'elouadi.biz',
		"organizationalUnitName" => 'elouadi.biz',
		"commonName" => $appid,
		"emailAddress" => 'mohamed.elouadi@gmail.com'); 
	
	//RSA encryption and 2048 bits length
	$privkey = openssl_pkey_new(array('private_key_bits' => 2048,'private_key_type' => OPENSSL_KEYTYPE_RSA));
	$csr = openssl_csr_new($dn, $privkey);
	$sscert = openssl_csr_sign($csr, null, $privkey, $numberofdays);
	openssl_x509_export($sscert, $publickey);
	openssl_pkey_export($privkey, $privatekey, PKI_PASSPHRASE);
	openssl_csr_export($csr, $csrStr);
	
	//Generated keys are stored into files
	$fp=fopen(PKI_DIR . "PKI/private/$appid.key","w");
	fwrite($fp,$privatekey);
	fclose($fp);
	
	$fp=fopen(PKI_DIR . "PKI/public/$appid.crt","w");
	fwrite($fp,$publickey);
	fclose($fp);
}

function RSA_Encrypt($data,$appid)
{          
	$path=PKI_DIR . "PKI/public/$appid.crt"; 
	$fp=fopen($path,"r"); 
	$pub_key=fread($fp,8192); 
	fclose($fp); 
	openssl_get_publickey($pub_key); 
	$j=0; 
	$x=strlen($data)/10; 
	$y=floor($x);
	
	for($i=0;$i<$y;$i++) {
		$crypttext='';
		openssl_public_encrypt(substr($data,$j,10),$crypttext,$pub_key);$j=$j+10; 
		$crt.=$crypttext;
		$crt.=":::";
	}
	
	if((strlen($data)%10)>0) {
		openssl_public_encrypt(substr($data,$j),$crypttext,$pub_key);
		$crt.=$crypttext;
	}
	return($crt);
}

function RSA_Decrypt($data,$appid) 
{
	$path=PKI_DIR . "PKI/private/$appid.key"; 
	$fpp1=fopen($path,"r");
	$priv_key=fread($fpp1,8192); 
	fclose($fpp1); 
	$res1= openssl_get_privatekey($priv_key,PKI_PASSPHRASE); 
	$tt=explode(":::",$data); 
	$cnt=count($tt); 
	$i=0; 
	while($i<$cnt) { 
		openssl_private_decrypt($tt[$i],$str1,$res1); 
		$str.=$str1; 
		$i++; 
	}
	return $str; 
}

function RSA_Sign($data,$appid) 
{ 
	$has=sha1($data); 
	$data.="::"; 
	$data.=$has; 
	$path=PKI_DIR . "PKI/public/$appid.crt"; 
	$fp=fopen($path,"r"); 
	$pub_key=fread($fp,8192); 
	fclose($fp); 
	openssl_get_publickey($pub_key); 
	openssl_public_encrypt($data,$mese,$pub_key); 
	return $mese;
}

function RSA_Verify($data,$appid)
{
	$path=PKI_DIR . "PKI/private/$appid.key"; 
	$fpp1=fopen($path,"r"); 
	$priv_key=fread($fpp1,8192); 
	fclose($fpp1); 
	$res1= openssl_get_privatekey($priv_key,PKI_PASSPHRASE); 
	openssl_private_decrypt($data,$has1,$res1); 
	list($c1,$c2)=split("::",$has1); 
	$has=sha1($c1); 
	if($has==$c2) {
		$message=$c1;
		throw new Exception("Verifying failed:$message");
	}
}

function RSA_GetPublicKey($appid) 
{
	$path=PKI_DIR . "PKI/public/$appid.crt";
	$fp=fopen($path,"r");
	$pub_key=fread($fp,8192);
	fclose($fp);
	return $pub_key;
}

/*
$appid = "freebox";
if(!RSA_IsCertificatExist($appid))
	RSA_GenerateCertificat($appid, 365);
echo "\nPublic key[" . RSA_GetPublicKey($appid) . "]";
$data = "test";
$encryptedData = RSA_Encrypt($data, $appid);
echo "\n EncryptedData[$encryptedData]";
$decryptedData = RSA_Decrypt($encryptedData, $appid);
echo "\n DecryptedData[$decryptedData]";
*/

?>